Viktor Hedberg based in Sweden has worked in IT for over 10 years and is currently employed as a Cyber Security Consultant. He recently became a Microsoft MVP, a well deserved award.
Viktor is active among the tech twitter community and an individual who is always willing to help. He enjoys sharing his knowledge around security and always on the lookout for those security related discussions on Twitter. MAKE SURE YOU HAVE AZURE MFA ENABLED! or he’ll be coming after you!! 🙂
I had the opportunity to meet Viktor in person at the Southcoast Summit where he presented a great session on the 10 things to avoid in Azure Active Directory.
Let’s move on and learn more about Viktor. Feel free to connect to Viktor via his social media handles located towards the end of this interview.
Note: If you have any questions or feedback, please use the comment box towards the end of the interview. All comments are reviewed before we approve and notify the interviewee. Thanks
Viktor Hedberg Interview
Tell us about yourself?
My name is Viktor Hedberg, I´m a Cyber Security Consultant at a company called Truesec, based in my home country Sweden. I’ve been in the “industry” for the better part of 10 years always working with Identity solutions and the last couple of years focusing exclusively on Cyber Security. I´m an MVP in the Cloud and Datacenter Management category, focusing on the sub-category Enterprise Security which has now been removed and split up into new categories instead. I do a lot of security assessments on environments, whether in Azure or on-premises since the realm of security covers both ends. I´m also a part of my company’s CSIRT team where we help companies who have been breached/attacked/fully encrypted from ransomware etc. Pretty much, if you have an incident, you call us. Outside of tech I´m a father of two sons whom I spend as much time as possible with trying to cope with the work/life balance.
What is your greatest achievement whilst working in the world of Tech?
While being awarded an MVP from Microsoft is ranked pretty high on that list, I´d have to say that being a part of Truesec and their CSIRT really lets you see how impactful the things we do actually are. So, if I had to rank my achievements I´d say joining the ranks of Truesec is at number 1 due to the fact that I´ve looked up to the guys working here for so many years, being a part of the CSIRT and help companies and organizations to come back from a big incident and effectively saving them and the employees jobs is a big number 2. Of course the MVP comes next, but in terms of how I view my achievements, becoming an MVP was never a goal I had in mind. I´m just doing what I love and am passionate about, building on that good things have happened and I´m of course super humbled by the fact that I´ve got that MVP award situated in my home-office.
How did you get started in a career in Tech?
I started in 1st line/Helpdesk kind of roles, much like a lot of other people I know. I started taking some classes/courses to advance my knowledge and realized quickly that this was something I found extremely interesting and wanted to delve even deeper into specific topics. From that point on, I´ve held a number of roles in different organizations from 2nd/3rd line support and Solutions Architecture from an Identity point of view. And now, here I am. A consultant for one of the most respected and appreciated security company’s in Sweden just doing what I love on a day-to-day basis.
How did you get started with Microsoft Azure?
Honestly, it kind of evolved into working more and more with Microsoft Azure since the organizations I´ve worked for earlier had M365 in place, or was migrating into solutions within M365. Since I´ve always worked with Identities the transition had to be made in order to stay safe in the cloud as well. From then on, focusing more on other things than identities now, I´m always working on keeping my customers Azure environments as safe as can be, and of course providing content to the community on things that I find really interesting.
What are your areas of expertise? Are you still working with other products apart from Microsoft Azure?
Oh yeah. Active Directory in all regards on-premises (DS, FS, CS etc..) is still an important thing when it comes to Cyber Security, since it has a lot of legacy built into it in most organizations I talk to. A lot of breaches we´re investigating are due to misconfiguration and/or improper management of these services.
You recently presented a great session on the 10 things to avoid in Azure Active Directory. What are those top 10 things?
Basically, that whole session can be summed up in one sentence, “Do not accept the defaults!”. There are a number of important settings that are enabled by default in Azure Active Directory, allowing for total user enumeration as a guest, allowing consent to enterprise applications for end users, not enforcing MFA, allowing for basic authentication to name a few. I have written a blog post about the things you really need to look at and reconfigure in order to stay safe located at this URL: https://hedbergtech.se/8-things-to-look-out-for-in-your-azure-ad/. That post is due an update or two soon, so stay on the lookout for new things added there.
For those organisations who have concerns that the cloud is not secure, what would you advise?
There are several built-in tools in M365/Azure which can help you get a sense of how your security posture in the cloud is shaping up, such as:
- Secure Score (ALL of them, not just the M365 one 😉)
- Security posture management in Microsoft Defender for Cloud Apps
But the biggest thing I can recommend is to either read up on this kind of content, trust me, there is a lot written on docs.microsoft.com in this regard, or hire a company to perform an assessment on your cloud. There are a lot of tools out there to help with these kinds of things as well, but you need to translate the data into something meaningful.
What would you recommend for a techie who wants to learn and gain Azure certifications related to security?
From the Microsoft certificates, the ones that I highly recommend looking at are the AZ-500 (Azure Security Engineer), SC-300 (Identity and Access), SC-200 (Security Operations), and MS-500 (M365 Security Administrator). I know for a fact that there are new certifications coming touching on every aspect of security, but if you´ve got the AZ-500 in your bag, I´d say you´re prepared for working and learning more about security in Azure.
What’s next in your Microsoft Azure journey?
Since security is that field that covers all areas of your infrastructure, I´m always on the lookout for new vulnerabilities in services, working proactively to mitigate the ones we already know of so in that sense, I think I´m pretty set on things to do for the coming years already. I´m trying to find even smarter ways to work with these types of things so there´s always something new to sink your teeth into, whether it´s APIs, PaaS, IAM, PAM etc.
The most important question of all 😊
From a scale from 1 – 10 how crazy are you about Microsoft Azure? (10 being the highest)
Big ‘ol 10!
End of interview